mengyxu
/
note
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
个人笔记
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
4.8 MiB
 
Tree: edcda14c35
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'edcda14c35'
${ noResults }
note/5.linux环境/3.nginx.md

6.9 KiB
Raw Blame History

安装卸载

使用源码

  • 准备环境

    yum -y install gcc
yum install -y pcre pcre-devel
yum install -y zlib zlib-devel

  • 下载

    官方下载页面

    wget http://nginx.org/download/nginx-1.16.1.tar.gz

    下载后需解压解压

  • 编译与安装

    ./configure    --prefix=指定安装目录前缀  --with指定额外的模块
make
make install	DESTDIR=指定安装目录后缀

    将安装目录的bin目录下可执行文件nginx拷贝到/sbin目录下,这样可以在任意目录下执行nginx命令

  • 运行与停止

    ningx
nginx -s stop
nginx -s reload

  • 卸载

    删除安装目录,删除/sbin/nginx文件

使用docker

  • 安装docker

  • 下载镜像

    docker pull nginx

  • 创建挂载目录

    mkdir /home/ningx
cd /home/ningx/
mkdir data log
touch nginx/conf

  • 创建并运行容器

    docker run -d --name nginx --restart=always -p 80:80 -v /home/nginx/nginx.conf:/etc/nginx/nginx.conf -v /home/nginx/logs:/var/log/nginx -v /home/nginx/data:/home nginx

    容器配置文件位置:/etc/nginx/nginx.conf

    容器日志目录:/var/log/nginx

    容器数据目录:/home

  • 运行与重启

    docker start nginx
docker stop nginx
docker restart nginx

  • 卸载

    删除容器与镜像

    docker rm -f nginx
docker rm nginx

    删除数据

    rm -rf /home/nginx

配置

http反向代理配置

  • 根据路径分发到不同端口参数配置示例

    http {
    include       mime.types;
    default_type  application/octet-stream;

    server {
        listen       80;
        server_name  localhost;

        location / {
            root   proxy_pass http://127.0.0.1:8080;
            index  index.html index.htm;
        }

        location /fence {
            root   proxy_pass http://127.0.0.1:8081;
            index  index.html index.htm;
        }

        location /RfsSniffer {
            root   proxy_pass http://127.0.0.1:8433;
            index  index.html index.htm;
        }
    }
}

  • 根据域名分发到不同端口参数配置示例

    http {

    server {
        listen       80;
        server_name  localhost;

        location / {
            proxy_pass http://127.0.0.1:8081;
            index  index.html index.htm;
        }

        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }

    }

    server {
        listen       80;
        server_name  location.xumy.vip;

        location / {
            proxy_pass http://127.0.0.1:8081;
            index  index.html index.htm;
        }

    }

}

tcp转发

转发https请求,无需在nginx配置ssl证书,nginx版本号必须 >1.15.2,编译时必须配置以下模块

--with-http_stub_status_module --with-http_ssl_module --with-stream --with-stream_ssl_module --with-stream_ssl_preread_module

  • 同一个端口监听http与https请求配置示例,$ssl_preread_protocol,可以让stream区分web ssl/tls和其他协议

    stream {
    upstream http{
        server 127.0.0.1:8081;
    }

    upstream https{
        server 127.0.0.1:8433;
    }

    map $ssl_preread_protocol $upstream{
        default http;
        "TLSv1.3" https;
        "TLSv1.2" https;
        "TLSv1.1" https;
        "TLSv1.0" https;
        "TLSv1" https;
        "TLSv2" https;
        "SSLv2" https;
        "SSLv3" https;
    }

    server {
        listen 0.0.0.0:28181;
        ssl_preread on;
        proxy_pass $upstream;
    }

}

  • http与stream混合使用

    http {
    include       mime.types;
    default_type  application/octet-stream;

    sendfile        on;
    keepalive_timeout  65;

    server {
        listen       80;
        server_name  localhost;

        location / {
        proxy_pass http://127.0.0.1:8081;
            index  index.html index.htm;
        }

        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
    }

    server {
        listen       80;
        server_name  location.xumy.vip;

    location / {
        proxy_pass http://127.0.0.1:8081;
            index  index.html index.htm;
        }
    }

    server {
        listen       80;
        server_name  monitor.xumy.vip;

        location / {
        proxy_pass http://127.0.0.1:8082;
            index  index.html index.htm;
        }
    }

    server {
        listen       80;
        server_name  whims.xumy.vip;

        location / {
        proxy_pass http://127.0.0.1:801;
            index  index.html index.htm;
        }
    }

    server {
        listen       80;
        server_name  license.xumy.vip;

        location / {
            proxy_pass http://127.0.0.1:88;
            index  index.html index.htm;
        }
    }

    server {
        listen       80;
        server_name  robust.xumy.vip;

        location / {
            proxy_pass http://127.0.0.1:89;
            index  index.html index.htm;
        }
    }

    server {
        listen       80;
        server_name  dzwl.xumy.vip;

        location / {
            proxy_pass http://127.0.0.1:805;
            index  index.html index.htm;
        }
    }

}

stream{

    log_format proxy '$remote_addr - [$time_local] $protocol $status "$upstream_addr" $remote_addr $remote_port ';
    access_log /home/work/logs/nginx/tcp-access.log proxy;
    open_log_file_cache off;

    map_hash_bucket_size 64;

    map $ssl_preread_protocol $upstream{
    default http;
    "TLSv1.3" $https;
    "TLSv1.2" $https;
    "TLSv1.1" $https;
    "TLSv1.0" $https;
    "TLSv1" $https;
    "TLSv2" $https;
    "SSLv2" $https;
    "SSLv3" $https;
    }

    map $ssl_preread_server_name $https{
    default dzwl;
    }

    upstream http {
        server 127.0.0.1:80;
    }

    upstream dzwl {
        server 127.0.0.1:806;
    }

    server{
        listen 8080;
        ssl_preread on;
        proxy_pass $upstream;
        proxy_connect_timeout 15s;
        proxy_timeout 15s;
        proxy_next_upstream_timeout 15s;
    }

}